package com.saxon.springsecurity.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

@Configuration
public class securityConfig extends WebSecurityConfigurerAdapter {
    //    权限给予
    @Override
    protected void configure (HttpSecurity http) throws Exception {
        http.authorizeRequests ().antMatchers ("/", "/index").permitAll ()
                .antMatchers ("/level1/*").hasRole ("vip1")
                .antMatchers ("/level2/*").hasRole ("vip2")
                .antMatchers ("/level3/*").hasRole ("vip3");
        //登录
        http.formLogin ().loginPage ("/toLogin");
        //注销
        http.csrf ().disable ();
        http.logout ().logoutSuccessUrl ("/");
        //记住我
        http.rememberMe ().rememberMeParameter ("remember");

    }
    //授权用户

    @Override
    protected void configure (AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication ().passwordEncoder (new BCryptPasswordEncoder ())
                .withUser ("saxon").password (new BCryptPasswordEncoder ().encode ("123456")).roles ("vip1", "vip2", "vip3")
                .and ()
                .withUser ("root").password (new BCryptPasswordEncoder ().encode ("123456")).roles ("vip1");
    }
}
